
Re: execute permissions in /tmp



On Sun, Jul 13, 2003 at 01:33:52AM -0400, Noah L. Meyerhans wrote:
> On Sat, Jul 12, 2003 at 11:43:02PM -0300, Peter Cordes wrote:
> >  This is at least the third time this has come up that I remember.  However, 
> > absolute statements like *can not* get me thinking:  Is there any sort
> > of file that can't be executed from /tmp?  What about statically linked ELF
> > binaries?  /lib/ld-linux.so.2 /sbin/e2fsck.static  segfaults.  In five
> > minutes, I haven't thought of a way to execute one.
> 
> Perhaps something like SELinux, employing ACLs, could do the job?  I
> don't know a whole lot about it.

 Err, what I was saying was that I can't think of a way for an attacker to
run a static binary from /tmp.  Thus, making /tmp noexec does actually
prevent that, contrary to your hypothesis that one *can not* prevent
execution.  (As I said, this is not very useful, because the attacker
won't be constrained to static binaries except in a very carefully
constructed chroot jail.  (Or maybe with SELinux and ACLs, which is maybe
what you were saying?))

-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug.n , s.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC
